{"id":3235,"date":"2014-09-11T20:26:40","date_gmt":"2014-09-12T01:26:40","guid":{"rendered":"http:\/\/www.carnaghan.com\/?p=3235"},"modified":"2019-07-22T17:25:55","modified_gmt":"2019-07-22T22:25:55","slug":"honeypots-to-lure-or-not-to-lure","status":"publish","type":"post","link":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/","title":{"rendered":"Honeypots: To Lure or Not To Lure"},"content":{"rendered":"

Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A typical honeypot traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system.  Zou & Cunningham (2006).  They are used in various organizations in order to catch attackers and collect valuable information on the nature of their perpetrators.<\/p>\n

Honeypots are sometimes considered when the organization has the resources to adequately maintain and monitor such systems.  In the U.S. large financial organizations have turned the hackers\u2019 strengths into a weakness by implementing \u201cactive defense\u201d through digital deception. With the help of the Pentagon and Department of Homeland Security, banks are creating \u201choneypots\u201d,  fake online bank accounts registered to a \u201cfake\u201d user. When hacked, the forensic evidence has been used to track the location and methods of the hackers (Nakashima, 2013).<\/p>\n

There are however times when honeypots should not be considered as an active defense strategy.  This ultimately depends on the nature of the organization and whether or not they have qualified security personnel on staff to both correctly implement as well as maintain a honeypot for any given duration of time.  Situations where honeypots are setup by organizations that do not have the means to effectively manage them can lead to an unintended vulnerabilities and potentially breached systems.  In addition to this, liability implies that an organization could be ultimately sued if a honeypot is compromised and used to harm others.  Cole & Northcutt (n.d.).<\/p>\n

The bottom line is that whether or not to use a honeypot in a security plan depends on the nature of the organization and available resources.  If a decision is made to use one as an active form of defense, the organization should ensure they understand the risks associated with them and proceed accordingly.<\/p>\n

References:<\/p>\n

    \n
  1. Cole, E., and Northcutt, S. (n.d.).  Honeypots: A Security Manager’s Guide to Honeypots.  Sans.  Retrieved from: http:\/\/www.sans.edu\/research\/security-laboratory\/article\/honeypots-guide<\/a>.<\/li>\n
  2. Nakashima, E., (January 2013), To thwart hackers, firms salting their servers with fake data, Retrieved from: http:\/\/articles.washingtonpost.com\/2013-01-02\/world\/36211654_1_hackers-servers-contract-negotiations<\/a><\/li>\n
  3. Zhang, F., Zhou, S., Qin, Z., & Liu, J. (2003). Honeypot: a supplemented active defense system for network security. In Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT\u20192003<\/i> (pp. 231\u2013235). doi:10.1109\/PDCAT.2003.1236295<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

    Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A typical honeypot traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[356],"tags":[4234],"post_series":[410],"yoast_head":"\nHoneypots: To Lure or Not To Lure - Ian Carnaghan<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Honeypots: To Lure or Not To Lure - Ian Carnaghan\" \/>\n<meta property=\"og:description\" content=\"Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A typical honeypot traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\" \/>\n<meta property=\"og:site_name\" content=\"Ian Carnaghan\" \/>\n<meta property=\"article:published_time\" content=\"2014-09-12T01:26:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-07-22T22:25:55+00:00\" \/>\n<meta name=\"author\" content=\"Ian Carnaghan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@icarnaghan\" \/>\n<meta name=\"twitter:site\" content=\"@icarnaghan\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ian Carnaghan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\"},\"author\":{\"name\":\"Ian Carnaghan\",\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5\"},\"headline\":\"Honeypots: To Lure or Not To Lure\",\"datePublished\":\"2014-09-12T01:26:40+00:00\",\"dateModified\":\"2019-07-22T22:25:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\"},\"wordCount\":417,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5\"},\"keywords\":[\"CSEC 630\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\",\"url\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\",\"name\":\"Honeypots: To Lure or Not To Lure - Ian Carnaghan\",\"isPartOf\":{\"@id\":\"https:\/\/www.carnaghan.com\/#website\"},\"datePublished\":\"2014-09-12T01:26:40+00:00\",\"dateModified\":\"2019-07-22T22:25:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.carnaghan.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Honeypots: To Lure or Not To Lure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.carnaghan.com\/#website\",\"url\":\"https:\/\/www.carnaghan.com\/\",\"name\":\"Ian Carnaghan\",\"description\":\"Software Developer, Blogger, Educator\",\"publisher\":{\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.carnaghan.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5\",\"name\":\"Ian Carnaghan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f2aa5baca80c2be728de43a975185d91?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f2aa5baca80c2be728de43a975185d91?s=96&d=retro&r=g\",\"caption\":\"Ian Carnaghan\"},\"logo\":{\"@id\":\"https:\/\/www.carnaghan.com\/#\/schema\/person\/image\/\"},\"description\":\"I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.\",\"sameAs\":[\"http:\/\/www.carnaghan.com\",\"https:\/\/x.com\/icarnaghan\"],\"url\":\"https:\/\/www.carnaghan.com\/author\/icarnaghan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Honeypots: To Lure or Not To Lure - Ian Carnaghan","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/","og_locale":"en_US","og_type":"article","og_title":"Honeypots: To Lure or Not To Lure - Ian Carnaghan","og_description":"Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A typical honeypot traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound the compromised system.","og_url":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/","og_site_name":"Ian Carnaghan","article_published_time":"2014-09-12T01:26:40+00:00","article_modified_time":"2019-07-22T22:25:55+00:00","author":"Ian Carnaghan","twitter_card":"summary_large_image","twitter_creator":"@icarnaghan","twitter_site":"@icarnaghan","twitter_misc":{"Written by":"Ian Carnaghan","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#article","isPartOf":{"@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/"},"author":{"name":"Ian Carnaghan","@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5"},"headline":"Honeypots: To Lure or Not To Lure","datePublished":"2014-09-12T01:26:40+00:00","dateModified":"2019-07-22T22:25:55+00:00","mainEntityOfPage":{"@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/"},"wordCount":417,"commentCount":0,"publisher":{"@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5"},"keywords":["CSEC 630"],"articleSection":["Cybersecurity"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/","url":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/","name":"Honeypots: To Lure or Not To Lure - Ian Carnaghan","isPartOf":{"@id":"https:\/\/www.carnaghan.com\/#website"},"datePublished":"2014-09-12T01:26:40+00:00","dateModified":"2019-07-22T22:25:55+00:00","breadcrumb":{"@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.carnaghan.com\/honeypots-to-lure-or-not-to-lure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.carnaghan.com\/"},{"@type":"ListItem","position":2,"name":"Honeypots: To Lure or Not To Lure"}]},{"@type":"WebSite","@id":"https:\/\/www.carnaghan.com\/#website","url":"https:\/\/www.carnaghan.com\/","name":"Ian Carnaghan","description":"Software Developer, Blogger, Educator","publisher":{"@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.carnaghan.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/c689c24d516c51968a88b628860740a5","name":"Ian Carnaghan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f2aa5baca80c2be728de43a975185d91?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f2aa5baca80c2be728de43a975185d91?s=96&d=retro&r=g","caption":"Ian Carnaghan"},"logo":{"@id":"https:\/\/www.carnaghan.com\/#\/schema\/person\/image\/"},"description":"I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.","sameAs":["http:\/\/www.carnaghan.com","https:\/\/x.com\/icarnaghan"],"url":"https:\/\/www.carnaghan.com\/author\/icarnaghan\/"}]}},"views":171,"_links":{"self":[{"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/posts\/3235"}],"collection":[{"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/comments?post=3235"}],"version-history":[{"count":0,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/posts\/3235\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/media?parent=3235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/categories?post=3235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/tags?post=3235"},{"taxonomy":"post_series","embeddable":true,"href":"https:\/\/www.carnaghan.com\/wp-json\/wp\/v2\/post_series?post=3235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}